The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2019-1003001 | A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. | Medium | Feb 13, 2019 |
CVE-2019-1003002 | A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. | Medium | Feb 13, 2019 |
CVE-2019-1003003 | An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts. | Medium | Feb 13, 2019 |
CVE-2019-1003020 | A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL. | Medium | Feb 13, 2019 |
CVE-2019-2545 | Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDoms IO). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.0 Base Score 4.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | Low | Feb 13, 2019 |
CVE-2019-3610 | Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. | LOW | Feb 13, 2019 |
CVE-2019-3782 | Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retrieve and modify credentials stored in CredHub that are authorized to the targeted user. | LOW | Feb 13, 2019 |
CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | HIGH | Feb 13, 2019 |
CVE-2019-5909 | License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors. | HIGH | Feb 13, 2019 |
CVE-2019-5910 | Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | MEDIUM | Feb 13, 2019 |
CVE-2019-5911 | Untrusted search path vulnerability in the installer of UNLHA32.DLL (UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Feb 13, 2019 |
CVE-2019-5912 | Untrusted search path vulnerability in the installer of UNARJ32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Feb 13, 2019 |
CVE-2019-5913 | Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Feb 13, 2019 |
CVE-2019-5914 | V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point. | MEDIUM | Feb 13, 2019 |
CVE-2019-5915 | Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | MEDIUM | Feb 13, 2019 |
CVE-2019-5916 | Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and earlier, Ver 2.2 Patch 7 and earlier, Ver 2.3 Patch 9 and earlier, Ver 2.4 Patch 13 and earlier, Ver 2.5 Patch 12 and earlier, Ver 2.6 Patch 8 and earlier, Ver 2.7 Patch 6 and earlier, Ver 2.7 Government Edition Patch 7 and earlier, Ver 2.8 Patch 6 and earlier, Ver 2.8c Patch 5 and earlier, Ver 2.9 Patch 4 and earlier) allows remote attackers to execute EL expression on the server via unspecified vectors. | HIGH | Feb 13, 2019 |
CVE-2019-6289 | uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename. | Medium | Feb 13, 2019 |
CVE-2019-6533 | Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166). | Medium | Feb 13, 2019 |
CVE-2019-6537 | Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage these vulnerabilities to execute code under the context of the current process. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro\'s Zero Day Initiative, reported these vulnerabilities to NCCIC. | MEDIUM | Feb 13, 2019 |
CVE-2019-6539 | Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro\'s Zero Day Initiative, reported these vulnerabilities to NCCIC. | HIGH | Feb 13, 2019 |
CVE-2019-6541 | A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro\'s Zero Day Initiative, reported these vulnerabilities to NCCIC. | MEDIUM | Feb 13, 2019 |
CVE-2019-6543 | AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine. | HIGH | Feb 13, 2019 |
CVE-2019-6545 | AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server machine. | HIGH | Feb 13, 2019 |
CVE-2019-6549 | An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP. | Medium | Feb 13, 2019 |
CVE-2019-6589 | On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility. | MEDIUM | Feb 13, 2019 |
CVE-2019-7664 | In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash). | Medium | Feb 13, 2019 |
CVE-2019-7673 | An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format. | Medium | Feb 13, 2019 |
CVE-2019-7674 | An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the aaaaa password, considered insecure for some use cases, from a user. | Medium | Feb 13, 2019 |
CVE-2019-7675 | An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI. | Medium | Feb 13, 2019 |
CVE-2019-7698 | An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095. | Medium | Feb 13, 2019 |
CVE-2019-7720 | taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | High | Feb 13, 2019 |
CVE-2019-7738 | C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&id= URI. | Medium | Feb 13, 2019 |
CVE-2019-7739 | An issue was discovered in Joomla! before 3.9.3. The No Filtering textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this. | Medium | Feb 13, 2019 |
CVE-2019-7740 | An issue was discovered in Joomla! before 3.9.3. Inadequate parameter handling in JavaScript code (core.js writeDynaList) could lead to an XSS attack vector. | Medium | Feb 13, 2019 |
CVE-2019-7741 | An issue was discovered in Joomla! before 3.9.3. Inadequate checks at the Global Configuration helpurl settings allowed stored XSS. | Medium | Feb 13, 2019 |
CVE-2019-7742 | An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack vector. | Medium | Feb 13, 2019 |
CVE-2019-7743 | An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files. | High | Feb 13, 2019 |
CVE-2019-7744 | An issue was discovered in Joomla! before 3.9.3. Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability. | Medium | Feb 13, 2019 |
CVE-2019-7747 | DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. | Medium | Feb 13, 2019 |
CVE-2019-8313 | An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetIPv6FirewallSettings API function, as demonstrated by shell metacharacters in the SrcIPv6AddressRangeStart field. | High | Feb 13, 2019 |
CVE-2019-8318 | An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetSysEmailSettings API function, as demonstrated by shell metacharacters in the SMTPServerPort field. | High | Feb 13, 2019 |
CVE-2019-8334 | An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerability via index.php?a=Index&c=Channel&m=Home&viewid=[XSS]. | Medium | Feb 13, 2019 |
CVE-2019-8335 | An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerability via index.php?a=Index&c=Channel&m=Home&id=[XSS]. | Medium | Feb 13, 2019 |
CVE-2019-8337 | In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. | MEDIUM | Feb 13, 2019 |
CVE-2018-20436 | ** DISPUTED ** The secret chat feature in Telegram 4.9.1 for Android has a side channel in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the Secret chats > Preview links setting. | MEDIUM | Feb 14, 2019 |
CVE-2018-20437 | ** DISPUTED ** An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. An attacker can download a file via a request of the form /common/download?filename=1.jsp&delete=false. NOTE: the software maintainer disputes the significance of this report because the product uses a JAR archive for deployment, and this contains application.yml with configuration data. | MEDIUM | Feb 15, 2019 |
CVE-2019-8343 | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. | Medium | Feb 15, 2019 |
CVE-2019-8358 | In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled. | Medium | Feb 19, 2019 |
CVE-2013-2565 | A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver. | Medium | Feb 19, 2019 |
CVE-2019-8354 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow. | Medium | Feb 20, 2019 |